<?php
define('SCR', 'upload');
require_once('global.php');


require_once(R_P.'require/init.php');

if (!$login_name)
{
	ObHeader('admin.php');
	exit;
}
require_once(R_P.'require/class_content.php');
require_once(R_P.'require/chinese.php');
$basename = 'upload.php?';

class Publish extends Content
{

	public function __construct($mid = 1)
	{
		$this->mid = $mid;
		parent::__construct($this->mid);
	}

	public function getArea()
	{
		return $this->inputArea();
	}

	public function AddAction()
	{
		global $login;
		require_once(R_P . 'require/class_usergroup.php');
		$group = UserGroup::getGroup($login['groupid']);
		if (!$group['ifupload']) {
			showAlert('对不起，您所在的用户组无权上传内容');
		}

		empty($_POST['title']) && exit('notitle');
		$resTitle = $_POST['restitle'];

		if (!in_array($_POST['cid'], $GLOBALS['cate_allow']))
		{
			showAlert('您无权在此目录上传内容！', 'upload.php');
		}
		$tid = $this->InsertData($_POST, $_POST['cid']);
		start();
		echo '<script language="javascript">
		parent.document.getElementById("step0").style.display = "none";
		parent.document.getElementById("upfile").style.display = "block";
		parent.$("#step_descrip").html("第二步：上传<span style=\"color:red\">' . substrs($_POST['title'], 30) . '</span>的相关文件");
		parent.createSWFUpload(' . $tid . ');
		</script>
		';
		//parent.objectSWF(' . $tid . ');
		//通知页面可以进行上传，实例化JS对象
		exit($tid);
	}

	public function EditAction()
	{
		global $login_name;

		empty($_POST['title']) && exit('notitle');
		$tid = intval($_POST['tid']);
		$resTitle = $_POST['restitle'];
		$rs = $this->mysql->get_one("SELECT cid,tid FROM cms_contentindex WHERE tid='$tid' AND publisher='$login_name'");
		if (empty($rs))
		{
			showAlert('您无权编辑此内容');
		}

		$this->UpdateData($_POST, $tid);
		if ($_POST['cid'] != $rs['cid'])
		{
			$newCid = intval($_POST['cid']);
			$oldCid = intval($rs['cid']);
			$this->mysql->update("UPDATE cms_contentindex SET cid='$newCid' WHERE tid='$tid' AND cid='$oldCid'");
			$this->mysql->update("UPDATE cms_category SET total=total-1 WHERE cid='$oldCid'");
			$this->mysql->update("UPDATE cms_category SET total=total+1 WHERE cid='$newCid'");
			require_once(R_P . 'require/class_cache.php');
			Cache::writeCache('cate');
		}
		start();
		echo '<script language="javascript">
		parent.editContent();
		</script>
		';
		//通知页面可以进行上传，实例化JS对象
		exit($tid);
	}

	public function SearchTagAction()
	{
		global $db;
		$tagname = Char_cv($_GET['tagname']);
		$tagname = trim(str_replace(array('%','_'),array('\%','\_'),$tagname));
		$rs = $db->query("SELECT * FROM cms_tags WHERE tagname LIKE('$tagname%') ORDER BY num DESC LIMIT 0,10");
		$tmpText = "";
		while ($tag = $db->fetch_array($rs)){
			$i++;
			$tmpText .= "<A href=\"javascript:SelectTag('{$tag[tagname]}','{$tag[tagid]}');\" id=\"tag_{$tag[tagid]}\">{$tag[tagname]}(<font color=red>{$tag[num]}</font>)</A>&nbsp;&nbsp;&nbsp;";
			$i==5 && $tmpText .= '<br/>';
		}
		if($tmpText){
			echo $tmpText;
		}else{
			echo 'error';
		}
		exit();
	}

	public function tagsAction()
	{
		global $db;
		$tagname = $_GET['tagname'];
		//$tagname = $this->Convert($tagname);
		$tagname = Char_cv($tagname);
		$tagname = explode(' ',$tagname);
		$tags = '';
		foreach($tagname as $tag){
			if(!$tag){continue;}
			$rs = $db->get_one("SELECT tagid FROM cms_tags WHERE tagname='$tag'");
			if($rs){
				$tags .= $tags ? ','.$rs['tagid'] : $rs['tagid'];
			}else{
				$db->update("INSERT INTO cms_tags SET tagname='$tag'");
				$tags .= $tags ? ','.$db->insert_id() : $db->insert_id();
			}
		}
		echo $tags;
		exit();
	}

	public function delAction()
	{
		global $db, $login_name;
		$tid = intval($_GET['tid']);
		$rs = $db->get_one("SELECT tid,cid FROM cms_contentindex WHERE publisher = '$login_name' AND tid='$tid'");
		if (!$rs)
		{
			exit('Forbidden! 非法请求');
		}
		require_once(R_P . 'require/class_action.php');
		$action = new Action('delete');
		$action->cate($rs['cid']);
		$action->doIt($tid);
		showAlert('已经成功删除该内容。', 'my.php?action=upload');
	}

	public function removeResAction($rid = 0, $tid = 0)
	{
		global $db, $login_name;
		if ($tid == 0) {
			$tid = intval($_GET['tid']);
		}
		if ($rid == 0) {
			$rid = $_GET['rid'];
		}
		$rs = $db->get_one("SELECT tid,cid FROM cms_contentindex WHERE publisher = '$login_name' AND tid='$tid'");
		if (!$rs)
		{
			exit('Forbidden! 非法请求');
		}
		require_once(R_P . 'require/class_resource.php');
		$res = new Resource();
		$res->remove($rid, $tid);
		return true;
	}

	public function getEditArea()
	{
		return $this->editArea($_GET['tid']);
	}

}

/* 特殊Action */
if (isset($_POST['Filename'])) /* Flash空间上传动作 */
{
	$tid = intval(getVal('tid'));
	$rs = $db->get_one("SELECT publisher,cid FROM cms_contentindex WHERE tid=$tid");

	if ($rs['publisher'] != $login_name)
	{
		die('100'); //非法的上传动作
	}

	$cid = intval($rs['cid']);
	require_once(R_P . 'require/class_resource.php');
	$res = new Resource();
	$rids = $res->upload('', $tid, $cid);
	//$icon = $res->getIcon($_POST['Filename']);
	$db->query("UPDATE cms_contentindex SET resnum=resnum+1 WHERE tid='$tid'");
	$rid = $rids[0];
	die($icon . '|' . $rid);
}
elseif (isset($_POST['id'])) /* 提交文件标题动作 */
{
	require_once(R_P . 'require/class_resource.php');
	$res = new Resource();
	$res->rename($_POST['id']);
	$cid = intval($_POST['cateid']);
	Cookie('defaultcid', $cid, $timestamp+31536000); //记住这一次的目录

	require_once(R_P . 'require/class_usergroup.php');
	$group = UserGroup::getGroup($login['groupid']);
	if (!$group['ifcheck'])
	{
		showAlert('您所在的用户组上传内容需要经过审核，审核后才会显示出来。');
	}
	else
	{
		showAlert('您已经成功上传内容。', 'my.php?action=upload');
	}
	exit;
	//header("Location:list.php?cid=" . $cid);
}
elseif ($_GET['action'] == 'rename')
{
	require_once(R_P . 'require/class_resource.php');
	$res = new Resource();
	$res->rename($_POST['filetitle']);

	showAlert('文件批量命名成功', null);


	exit;
	/*
	require_once(R_P . 'require/class_resource.php');
	$res = new Resource();

	$rid = intval($_GET['rid']);
	$tid = intval($_GET['tid']);
	$title = Char_cv($_GET['title']);
	exit($title);
	$rs = $db->get_one("SELECT publisher FROM cms_resource r LEFT JOIN cms_contentindex c USING(tid) WHERE r.rid='$rid' AND r.tid='$tid'");
	if ($rs['publisher'] != $login_name) {
		exit('您无权修改他人内容');
	}
	$arr = array("$rid"=>"$title");
	$res->rename($arr);
	exit('100');
	*/
}


/* 普通动作 */

$action = $_GET['action'];
$publish = new Publish();

if (empty($action))
{
	require_once(R_P . 'require/class_usergroup.php');
	$group = UserGroup::getGroup($login['groupid']);
	if (!$group['ifupload']) {
		showAlert('对不起，您所在的用户组无权上传内容');
	}

	$action = 'add';
	$inputArea = $publish->getArea();

	$cate_select = $cate->tree();
	$defaultcid = GetCookie('defaultcid');
	$private_N = 'CHECKED';
	$cate_select = str_replace("value=\"$defaultcid\"","value=\"$defaultcid\" selected",$cate_select);

	start($very['charset']);
	require Template('upload_new');
	footer();
}
elseif ($action == 'add')
{
	$publish->AddAction();
	exit;
}
elseif ($action == 'edit' && isset($_POST['step']))
{
	$publish->EditAction();
	exit;
}
elseif ($action == 'edit')
{
	$rs = $db->get_one("SELECT cid,ifprivate FROM cms_contentindex WHERE tid='$tid' AND publisher='$login_name'");
	if (empty($rs))
	{
		showAlert('您无权编辑此内容');
	}
	$inputArea = $publish->getEditArea();
	list($tagsid,$tags) = $publish->getTags($tid);

	require_once(R_P . 'require/class_resource.php');
	$res = new Resource();
	$fileList = $res->getOne($tid);

	$cate_select = $cate->tree();
	$cate_select = str_replace("value=\"$rs[cid]\"","value=\"$rs[cid]\" selected", $cate_select);

	ifcheck($rs['ifprivate'], 'private');
	start($very['charset']);
	require Template('upload_new');
	footer();
}
elseif ($action == 'removeRes')
{
	$publish->removeResAction();
	exit('1');
}
elseif ($action == 'muldelete')
{
	$publish->removeResAction($_POST['delrid'], $_POST['tid']);
	echo '<script language="javascript">';
	echo '		var inputTable = parent.document.getElementById("resourceTbody");var resTr = null;';
	foreach ($_POST['delrid'] as $removeRid)
	{
		echo 'resTr = parent.document.getElementById("res_' . $removeRid . '");';
		echo 'inputTable.removeChild(resTr);';
	}
	echo '</script>';exit;
	showAlert('已经成功删除所有选中文件', null);
}

elseif (method_exists($publish, $action . 'Action'))
{
	$action = $action . 'Action';
	$publish->$action();
	exit;
}

?>